|
218721
|
7.5 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2019-5148
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218722
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overfl…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2019-5143
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218723
|
7.2 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cau…
|
CWE-78
OS Command
|
CVE-2019-5142
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218724
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted iw_serverip parameter can cause user input to be re…
|
CWE-78
OS Command
|
CVE-2019-5141
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218725
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file name can cause user input to …
|
CWE-78
OS Command
|
CVE-2019-5140
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218726
|
7.1 |
HIGH
Local
|
moxa
|
awk-3131a_firmware
|
An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encrypti…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-5139
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218727
|
9.9 |
CRITICAL
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause ar…
|
CWE-78
OS Command
|
CVE-2019-5138
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218728
|
7.5 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-5137
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218729
|
8.8 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu selection string can cause an escape fro…
|
NVD-CWE-noinfo
|
CVE-2019-5136
|
2024-11-21 13:44 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218730
|
4.3 |
MEDIUM
Network
|
ibm
|
maximo_asset_management
maximo_for_life_sciences
maximo_for_transportation
maximo_for_oil_and_gas
maximo_for_aviation
maximo_for_utilities
maximo_for_nuclear_power
|
IBM Maximo Asset Management 7.6.1.0 could allow a remote attacker to disclose sensitive information to an authenticated user due to disclosing path information in the URL. IBM X-Force ID: 172883.
|
CWE-863
Incorrect Authorization
|
CVE-2019-4745
|
2024-11-21 13:44 |
2020-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
